MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering tiles that are stored as files on the server via web request. Creating the path to a file allows the insertion of "../" and thus read any file on the web server. Affected GET parameters are "TileMatrix", "TileRow", "TileCol" and "Format"
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 06 Aug 2025 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Maptiler
Maptiler tileserver Php |
|
CPEs | cpe:2.3:a:maptiler:tileserver_php:2.0:*:*:*:*:*:*:* | |
Vendors & Products |
Maptiler
Maptiler tileserver Php |
Tue, 29 Jul 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-22 | |
Metrics |
cvssV3_1
|
Tue, 29 Jul 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering tiles that are stored as files on the server via web request. Creating the path to a file allows the insertion of "../" and thus read any file on the web server. Affected GET parameters are "TileMatrix", "TileRow", "TileCol" and "Format" | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-07-29T17:35:10.848Z
Reserved: 2025-04-22T00:00:00.000Z
Link: CVE-2025-44137

Updated: 2025-07-29T17:25:23.007Z

Status : Analyzed
Published: 2025-07-29T17:15:33.493
Modified: 2025-08-06T20:48:00.790
Link: CVE-2025-44137

No data.

No data.